296 results about "Fuzz testing" patented technology

Embodiments of the present invention combine static analysis, source code instrumentation and feedback-guided fuzz testing to automatically detect resource exhaustion denial of service attacks in software and generate inputs of coma for vulnerable code segments. The static analysis of the code highlights portions that are potentially vulnerable, such as loops and recursions whose exit conditions are dependent on user input. The code segments are dynamically instrumented to provide a feedback value at the end of each execution. Evolutionary techniques are then employed to search among the possible inputs to find inputs that maximize the feedback score.

Systems and methods to deliver malformed data for software application fuzzing are described. In one aspect, a fuzzing engine receives well-formed valid input data from a test automation tool. The received data is for input into a software application to implement a functional test. Responsive to receiving the well-formed valid input data, the fuzzing engine automatically generates corresponding malformed data based on characteristics of the well-formed valid input data. The application is then automatically fuzzed with the malformed data to notify an end-user of any security vulnerabilities in one or more code paths of the application used to process the malformed data.

The invention belongs to the technical field of network security, and relates to a fuzz testing method based on static detection. The method comprises source code static analysis and executable code fuzz testing. According to the method, firstly, target software is subjected to static analysis through source code static analysis related software, and fuzz testing is carried out to obtain a static analysis result, then, code segments considered to have problems through the static analysis are subjected to pile inserting marking, and finally, testing cases are subjected to variation on the basis of the pile inserting marking, so that the testing cases can cover all code segments with problems. The fuzz testing method has the advantages that the advantages of the static detection and the fuzz testing are combined, the static detection is verified through the fuzz testing, and the false alarm condition of the static detection is excluded; on the other hand, the fuzz testing is guided by the static detection result, so that random testing cases used by the fuzz testing have a higher pertinence, and the fuzz testing efficiency is improved. The defects of high false alarm rate, low detection efficiency and the like of the traditional method adopting the random testing cases for testing are overcome.

The invention discloses a method for realizing fuzzing of software on the basis of a state protocol. The method comprises the following steps of: 1) acquiring a target state protocol to realize the normal interactive traffic of the software; 2) identifying and extracting a protocol interactive message and a message exchange process from the traffic to finally generate a protocol script file with a certain format; 3) traversing a target program protocol state machine to generate a normal test case ready for mutation; and 4) mutating the normal test case into an abnormal test case, and executing the fuzzing. The method can significantly improve the test coverage rate of the software on the basis of the state protocol by identifying the message and the interactive process of target program normal communication, establishing a state protocol state machine script, and traversing the protocol state machine to generate the test case.

The invention relates to a detection method for software vulnerability, and belongs to the technical field of information security. The detection method comprises the following specific steps of: (1) collecting a software source code program containing known vulnerability; (2) obtaining a vulnerability code table; (3) obtaining a control flow graph CFG and an assembly code of the program to be tested; (4) determining key analysis code segments in the assembly code of the program to be tested and obtaining all paths of passing through nodes corresponding to the key analysis code segments through the control flow graph CFG of the program to be tested; and (5) for each suspicious path, an improved Fuzzing test method is used for detection to obtain the test results of the program to be tested. In the invention, when a fitness function is determined, the dependence on the source code of the tested program is eliminated, and the availability of information is kept; and the redundant information in an abstract syntax tree is eliminated and the integrity of useful information is kept, therefore, the practicality is better, and the efficiency is higher.

The invention discloses a method for fuzz testing, which comprises the following steps that: first, selecting a group of initial test cases as a first-generation group, and the first-generation group serves as a current group; then adopting the test cases in the current group to test a tested software program, eliminate the test cases according to the obtained test results, and generate a next-generation group according to the test cases which are not eliminated in the current group; at this time, if the end conditions are satisfied, ending the test; and if the end conditions are not satisfied, the obtained next-generation group serves as the current group to continue the test in a circulating way until the end conditions are satisfied. The invention also discloses a system for fuzz testing. The invention can improve the security of the tested software program.

The system comprises: a receiving unit used for receiving the nature language enquiry request; an access unit used for accessing the location body database and location enquiry language database; wherein, the location body database comprises the domain knowledge description in the location service; said location enquiry language database comprises a language model used for making the location service enquiry, a natural language enquiry process unit used for searching location body database and location enquiry language database; for the received natural language enquiry request, making fuzzing process for at least one of the request, and finding the corresponding location information from the location database; and a transmitting device used for transmitting the location information to the user end.

The invention discloses a vulnerability detection system aiming at binary executable files and combining fuzz testing with symbolic execution, belongs to computer vulnerability detection software development technology and aims to increase detection depth and improve detection efficiency in binary file vulnerability detection scenes. The vulnerability detection system comprises a fuzzifier modulethrough optimization design, a symbolic execution module through optimization design and a fuzzifier skip symbol scheduling execution module, and a cache explorer and a task cooperation module are introduced. Advantages of fuzz testing and symbolic execution are combined for vulnerability detection of binary execution files. Evaluation experiments are conducted on the system, an application program provided by a qualification test of DARPA network challenge is adopted as a dataset, and contrast experiments are set on three objects including single fuzz testing, single symbolic execution and avulnerability mining system realized by the system. The system has remarkable effect, exploration of binary program compartment is accelerated, and running speed of the vulnerability mining system isincreased greatly.

The invention provides a binary oriented hybrid fuzzing method. The method includes: adopting fuzzing as front-end processing, and utilizing test cases to drive a tested program to be executed; adopting binary code coverage rate monitoring processing as intermediate layer processing, recording basic blocks covered by the tested program in the execution process of the tested program, and calculating coverage rate of fuzzing; when the calculated fuzzing coverage rate is no longer increased, executing symbolic execution processing serving as back-end processing, generating new test cases covering other paths different from the path of the current test case during symbolic execution processing, and then feeding back the new test cases to fuzzing to enable the new test cases to be used for driving the tested program to be executed by the fuzzing.

The invention relates to a security test of WEB application, and aims to provide a WEB dynamic security flaw detection method based on JAVA. The WEB dynamic security flaw detection method based on JAVA is used for detecting the security flaws of a WEB application system, and comprises the following steps: modifying JAVA middleware; performing fuzzing test and dynamic flaw tracking. Due to the adoption of the WEB dynamic security flaw detection method, more WEB security flaw problems can be found rapidly, the security flaw range of black box test can be better covered, more deep WEB security problems can be found, the problem of high cost in white box test can be solved, the specific position of a flaw code can be determined more accurately, and lower missing report rate and error report rate in a detection process are ensured.

The invention provides a network protocol fuzz testing method and device. The network protocol fuzz testing method and device can solves the defect that test case suites in existing network protocol fuzz testing modes are not intelligentized enough and can generate large amounts of redundant test cases. The method comprises the steps of, firstly, obtaining a plurality of protocol fields corresponding to a network protocol to be tested and composing a protocol field sequence group with the plurality of protocol fields; secondly, obtaining the attributes of every protocol field of the attribute values corresponding the attributes; thirdly, for every protocol field, performing combined operation on the attribute values of every attribute to obtain variance values, and composing a testing data set oriented to the protocol field with the variance values; fourthly, for every variance value in every testing data set, replacing the protocol field in the protocol field sequence group, which corresponds to the testing data set, with the variance value to obtain a replaced protocol field sequence group case; fifthly, according to the replaced protocol field sequence group cases of all the testing data sets, obtaining the testing cases of the network protocol.

The invention discloses a fabric fuzzing and pilling image segmentation method based on wavelet transformation and the morphological algorithm. The method comprises the steps that firstly, histogram equalization is carried out on an acquired fabric fuzzing and pilling image, and eight-stage multi-resolution wavelet decomposition is carried out; secondly, after the coefficient of a first-stage wavelet decomposition layer, the coefficient of a second-stage wavelet decomposition layer and the coefficient of an approximate wavelet decomposition layer are set to be zero, the image is reconstructed, wherein the first-stage wavelet decomposition layer and the second-stage wavelet decomposition layer express the highest-frequency information, and the approximate wavelet decomposition layer expresses low-frequency information; thirdly, binaryzation is carried out on the constructed image according to the maximum between-cluster variance method, and erosion is carried out on the image through a horizontal linear structure element, a 45-degree linear structure element, a vertical linear structure element and a 135-degree linear structure element in sequence; fourthly, dilation is carried out on the eroded image through structure elements with the sequence opposite to that of the structure elements applied to erosion, namely, the 135-degree linear structure element, the vertical linear structure element, the 45-degree linear structure element and the horizontal linear structure element in sequence. By means of the method, the influence of the texture of fabric, illumination unevenness, the surface roughness of the fabric and the size difference and shape difference of fuzzy balls on fuzzing and pilling grade assessment on the fabric can be effectively avoided.

The invention relates to the field of industrial control system safety, in particular to a PLC firmware fuzz testing system and method based on stain analysis. The testing system comprises a simulation environment end and a fuzz testing end, the fuzz testing end can be used for constructing a normal network data package and a fuzz testing case, and a communication link is established between the fuzz testing end and the simulation environment end; the simulation environment end comprises a simulation platform and a sub module; the sub module comprises a network card, a control module, a stainsource marking module, a stain tracking module, a sensitive word field determination module and an abnormity monitoring and recording module. According to the PLC firmware fuzz testing system and method, PLC firmware is used as a research object, by combining with a stain analysis and fuzz testing method, a network protocol data package which is input to a PLC is subjected to stain source markingand stain analysis under a simulation mode, and according to a data package sensitive word field which is marked in the stain analysis process, precise data variation is conducted, the fuzz testing case is constructed, and accordingly the pertinency and penetrability of fuzz testing for the PLC firmware are improved.

The invention provides a fuzz testing system for a stateful network protocol, and solves the problem the traditional network protocol fuzz test frame lacks support on complicated stateful protocols. The fuzz testing system comprises a data generation module, a session management module, a monitor and a driving module; the data generation module is used for storing raw data samples and fuzzing raw data based on a rule tree algorithm to generate fuzz testing cases; the session management module is used for connecting one or more requests defined in the fuzz testing cases into a directed acyclic graph, and then performing fuzz testing specific to each path; the monitor comprises a process monitor and a network monitor; the driving module is used for communicating with a to-be-tested target serve, sending test requests and receiving server response messages.

The embodiment of the invention provides a security testing method for protocol implementation, and comprises: mapping a protocol specification on which the protocol implementation is based to a first protocol state model; forming a second protocol state model by introducing an illegal state that corresponds to security failure into the first protocol state model; characterizing the testing purposes of the first protocol state model and the second protocol state model by utilizing an assertion; generating a mutated protocol state model by carrying out a mutative operation on the second protocol state model; performing a model test on the mutated protocol state model according to the assertion to generate a testing suite obtained from mapping a counter-example in the mutated protocol state model that violates the assertion; and carrying out a fuzzing test on the protocol implementation by a testing suite to test security holes in protocol implementation. The invented embodiment further provides a corresponding testing device. According to the invented embodiment, efficient and low-cost protocol security test is realized.

The invention relates to a black box and white box combined parallel fuzz testing method for executing feedback driving. The black box and white box combined parallel fuzz testing method comprises the following steps: (1) performing parallel fuzz testing on test software and an input seed document of the test software; (2) monitoring the executing process of the parallel fuzz testing and acquiring executing feedback information, wherein the executing feedback information comprises black box information and white box information; (3) establishing a quantitative model for the acquired black box information and white box information, and establishing a dispatching model according to quantified indexes; (4) performing dynamic dispatching executing on each time of the fuzz testing task by use of the dispatching module till the entire testing task is finished. The black box and white box combined parallel fuzz testing method utilizes the black box information and the white box information in combination for dynamic dispatching, and can excavate more bugs as much as possible while guaranteeing low expenditure, and the fuzz testing effect is improved.

The invention discloses an xml-based fuzzy test language protocol test script and a test engine. The protocol test script comprises a test script automatically generated based on a fuzzy test languageand a state machine according to industrial control and Internet of Things protocol message formats and a monitoring script generated based on the fuzzy test language and the state machine and aimingat the state of tested equipment. According to the xml-based fuzzy test language protocol test script and a test engine, the test script and the monitoring script are automatically generated based onthe language; and the test engine can automatically parse the script language to generate the test data packet and send the test data packet to the tested equipment to complete the test task, the efficient fuzzy test language enables the detection system to expand a new protocol very conveniently, and the test engine architecture also guarantees the flexibility and expansibility of a packet sending mechanism.

The invention discloses a fuzz testing system on the basis of a multi-swarm collaboration evolution genetic algorithm, and belongs to the field of software safety tests. The fuzz testing system comprises a fuzz testing end and a test sample generating end. The fuzz testing end is responsible for inputting test samples into systems to be tested and repeatedly testing and observing the systems to be tested; the test sample generating end is used for generating the test samples and transmitting the test samples to the fuzz testing ends via networks, computes individual adaptability values by the aid of collected information according to coverage frequencies of basic blocks and trigger conditions of unsafe functions, combines the individual adaptability values with the types of the unsafe functions and enables the test samples to evolve by the aid of a multi-swarm collaboration evolution genetic model, so that new samples can be generated. The fuzz testing system has the advantages that a code coverage rate can be increased when application programs of the networks are tested, and the vulnerability mining efficiency can be improved.

Provided are a method and a system capable of efficiently detecting security vulnerability of program. The system for detecting the security vulnerability according to an embodiment of the present invention includes a vulnerability detecting module that acquires crash information, a binary analysis module that determines priority of binary information and whether to execute the route detection, and a route detecting module that executes the route detection to generate a new test case.

The invention discloses an automatic vulnerability detection plugin generation method and system for an industrial control system. A current industrial control system vulnerability mining technology Fuzzing can find vulnerability but can not perform further processing on a vulnerability plugin. The method disclosed by the invention comprises a Fuzzing test link, a vulnerability playback link and avulnerability collecting link, the Fuzzing test link comprises the following sequential steps: constructing data sources and performing data storage; acquiring the data sources, starting to perform Fuzzing scanning, and mining vulnerability; monitoring a mining process; if all the data sources are completely polled and no problem is triggered, finishing the mining process; if a problem is triggered, acquiring node IDs of the data sources, and entering the vulnerability playback link; and the vulnerability playback link comprises the following sequential steps: generating the data sources andacquiring node information; acquiring the data sources, and starting to perform the Fuzzing scanning; and if no problem exists after verification, finishing, and if a problem exists, entering the vulnerability collecting link. The method disclosed by the invention can automatically generate a vulnerability detection plugin, converts unknown vulnerability into known vulnerability and improves vulnerability mining efficiency.

The invention discloses a sample format protection method and device for a gray box fuzzy test. The sample format protection method comprises the steps of training a machine learning model to enable the model to recognize the correctness of the format of a testing corpus; when the fuzzy test is conducted on a program, obtaining an initial corpus from a corpus set and mutating the initial corpus toobtain the testing corpus; using the testing corpus to conduct the fuzzy test on the program, and in the process of the fuzzy test, determining whether the format of the testing corpus is correct ornot through the model. When the format of the testing corpus is correct and the testing corpus covers a program code uncovered by an existing testing corpus, the testing corpus is added into the corpus set, and the process is repeated. In this way, the corpuses, with the correct format, determined in each fuzzy test is added into the corpus set, the correctness of the formats of the corpuses in the corpus set is guaranteed to the greatest extent, and the efficiency of the fuzzy test is improved. Moreover, through a position set, the mutation of the initial corpus is guided, an invalid mutationoperation is avoided, and the testing efficiency is further improved.

The invention provides a fuzzy test method. The method comprises the following steps of: selecting a predetermined number of seeds from a seed pool; mutating the selected seeds to generate a pluralityof program inputs; monitoring the running state of a target program which has received the program inputs, and obtaining memory state information of a test process; determining an average memory state space of the current test according to the acquired memory state information; aiming at the seeds participating in the test in the seed pool, respectively comparing memory state space correspondingto each seed with the average memory state space; and reserving the seeds of which the memory state space is greater than the average memory state space. The invention also provides a device for realizing a fuzzy test, electronic equipment and a computer readable storage medium.